What are CVEX-records?
CVEX-records is a collection of executable CVEs that can be run using https://github.com/ucsb-seclab/CVEX.
To contribute a new CVEX record, create a pull request for a new subfolder with the following structure:
```
CVE-XXXX-YYYYY
├── cvex.yml
├── data
│   ├── file1.ext
│   ├── file2.ext
│   ├── file3.ext
│   ├── ...
│   └── fileN.ext
├── ansible_playbook1.yml
├── ansible_playbook2.yml
├── ansible_playbook3.yml
├── ...
└── ansible_playbookN.yml
```
- Briefly describe the vulnerability and the exploit in the first comment of the pull request. Provide clear instructions on how to verify that the exploit succeeded.
- Keep the vulnerable software and the exploit in the `data` folder. Use Git LFS (Large File Storage) for big files. Do not rely on `apt install`, `pip`, URLs or similar methods to download vulnerable software or exploits.
- Build the exploit from the source code. Never commit binaries unless you have a specific reason to do so.
- Rely on built-in Ansible commands. For example, use `ansible.builtin.pip` instead of executing `pip` from shell.
- Consider the logs: for network-based vulnerabilities, ensure that CVEX captures the network interactions in PCAP; for local vulnerabilities, ensure that CVEX captures the API calls of the vulnerable service and/or the exploit.
- Always test your changes before committing code.
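A pre-submission check for the layout and guidelines above, added here as an example and not part of the CVEX project's own tooling. The function names, the regex heuristics and the sample record (`CVE-0000-00000`, `setup.yml`, `flask`, `example.invalid`) are assumptions made for this illustration.

```python
import re
from pathlib import Path

# Heuristics chosen for this example (not CVEX rules); hits are for human review.
LINE_RULES = [
    (re.compile(r"\b(pip3?|apt|apt-get)\s+install\b"), "install run as a shell command"),
    (re.compile(r"https?://|\b(wget|curl)\s"), "remote download"),
]
BINARY_MAGIC = (b"\x7fELF", b"MZ")  # ELF and PE executable headers

def check_record(record: Path) -> list[str]:
    """Return guideline findings for one CVE-XXXX-YYYYY folder."""
    findings = []
    if not re.fullmatch(r"CVE-\d{4}-\d{4,}", record.name):
        findings.append(f"{record.name}: folder is not named CVE-XXXX-YYYYY")
    if not (record / "cvex.yml").is_file():
        findings.append("cvex.yml is missing")
    data = record / "data"
    if not data.is_dir():
        findings.append("data folder is missing")
    else:
        for f in sorted(p for p in data.rglob("*") if p.is_file()):
            with f.open("rb") as fh:
                if fh.read(4).startswith(BINARY_MAGIC):
                    findings.append(f"data/{f.relative_to(data)}: committed binary")
    for playbook in sorted(record.glob("*.yml")):
        if playbook.name == "cvex.yml":
            continue  # only the Ansible playbooks are scanned
        for no, line in enumerate(playbook.read_text().splitlines(), 1):
            if line.lstrip().startswith("#"):
                continue  # ignore YAML comments
            for pattern, why in LINE_RULES:
                if pattern.search(line):
                    findings.append(f"{playbook.name}:{no}: {why}")
    return findings

def build_sample_record(root: Path) -> Path:
    """Create a constructed sample record that breaks three guidelines."""
    record = root / "CVE-0000-00000"
    (record / "data").mkdir(parents=True)
    (record / "cvex.yml").write_text("# contents omitted in this sample\n")
    (record / "data" / "exploit").write_bytes(b"\x7fELF\x02\x01\x01")
    (record / "data" / "exploit.c").write_text("int main(void) { return 0; }\n")
    (record / "setup.yml").write_text(
        "- hosts: all\n  tasks:\n"
        "    - ansible.builtin.shell: pip install flask\n"
        "    - ansible.builtin.pip:\n        name: flask\n"
        "    - ansible.builtin.shell: wget http://example.invalid/app.tgz\n")
    return record
```

Call `check_record(Path("CVE-XXXX-YYYYY"))` on a record folder before opening the pull request; an empty list means none of these heuristics fired, and each finding still needs a human decision.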